| Avoiding Security Hang-Ups
Do you think someone might be listening in on your cell phone calls--or those of your company's employees? It doesn't even occur to most of us, but it's an ongoing problem for many organizations concerned with industrial espionage and state-sponsored spying.
Restricting what your folks can talk about isn't really an enforceable policy and would pretty much neuter cell phones as a business tool. If cell phone security is critical to your organization, your realistic options are purpose-built "spook phones" or software-based encryption.
Or KoolSpan's TrustChip.
KoolSpan has incorporated its authentication/encryption technology into a tiny Secure Digital (SD) card, which can be plugged in to any SD-compatible cell phone for about $300 per unit.
"This has mainstream business appeal," says Nick Selby, senior analyst and director, enterprise security practice, for The 451 Group. "For some markets--defense contractors, manufacturing, pharmaceuticals--it's a no-brainer."
"Another piece of the market is critical infrastructure," says Tony Fascenda, KoolSpan founder and CEO. "It can be used for monitoring or control systems where there is a requirement for an extremely simple security environment without central key management."
KoolSpan's SecureEdge utilizes 256-bit AES in a Key token to securely connect with a Lock appliance for remote access, branch offices, LAN-to-LAN connections, wireless and VoIP.
The TrustChip miniaturizes this technology into a standard format--a fingertip-sized SD card featuring a 32-bit processor, 128 MB of Flash memory and 128 KB SRM, and low-voltage regulator, sufficient to handle encrypted voice and other applications without degrading performance.
Enterprises can administer phones and users through the KoolSpan Manager, which integrates with Active Directory or any LDAP to manage policy for groups and individuals. The policy data is stored on the chip, so you can set up unique groups for security--even on the fly. The technology scales nicely, because the chips handle all the security, communicating back to the management appliance only for periodic updates at user-defined intervals.
| The SD format allows enterprises to equip phones with TrustChip or through a KoolSpan OEM partner. KoolSpan provides an SDK so partners can secure communications for other applications.
The 451 Group's Selby thinks other apps will shortly follow to secure voice.
"The real opportunity is coming in with voice encryption that doesn't change the user experience," he says, "and an SDK for application developers to tie apps like email and IM through the same chip. Combined, it's a powerful sell.
"There's a large and growing need for it."
KoolSpan has been piloting TrustChip, which, at the time of this printing, was scheduled for general release this month.